Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
ApplyProtectionFromCSRF function
// Gist associated with
// ApplyProtectionFromCSRF makes all POST messages check for a csrf_token
func (application *Application) ApplyProtectionFromCSRF(c *web.C, h http.Handler) http.Handler {
fn := func(w http.ResponseWriter, r *http.Request) {
protected := nosurf.New(h)
failureHandler := func(w http.ResponseWriter, r *http.Request) {
log.Errorf("Possible CSRF attack")
w.Write([]byte("400: Request could not be handled"))
protected.ServeHTTP(w, r)
return http.HandlerFunc(fn)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.